Skip to content

Privacy Policy for the “Recaught” App

This privacy policy informs you about the processing of personal data in connection with the use of our app “Recaught”. Protecting your data is important to us. Below, we explain what information we collect, how we use it, and what rights you have.

1. Controller

Recaught GbR
Kückallee 39, 21465 Reinbek
info@recaught.app

2. Collected and processed data

  • Registration and account data: e-mail address, username, first and last name, password (stored encrypted), preferred language, favorites lists.
  • Usage and content data: catch and waterbody records (e.g. species, time, length, weight, bait details, location description, notes).
  • Location data: geographic coordinates (only after explicit consent via iOS system popup), used to retrieve local weather information.
  • Device and log data: technical information such as IP address, date and time of the request, error logs.
  • Offline data: temporarily cached requests (AsyncStorage) for later synchronization, auth token for login.

3. Purposes of processing

  • Provision of app functions (creating, storing and analyzing catch data, favorites lists).
  • Authentication and management of the user account.
  • Retrieval of external weather data based on the current location.
  • Sending system e-mails (e.g. password reset).
  • Improving app stability (caching requests, error handling).

4. Legal bases

  • Art. 6(1)(b) GDPR: performance of a contract or pre-contractual measures (provision of the app).
  • Art. 6(1)(a) GDPR: consent, e.g. for the use of location data. This consent is obtained via an iOS system popup and can be revoked at any time in the device settings.
  • Art. 6(1)(f) GDPR: legitimate interest in ensuring security and functionality (e.g. error logging, offline storage).

5. Disclosure to third parties

  • OpenWeatherMap: transmission of location coordinates to query current weather data.
  • E-mail service provider: sending system messages.
  • DigitalOcean LLC, 101 Avenue of the Americas, New York, USA: hosting of the app infrastructure.
  • MongoDB Inc., 1633 Broadway, New York, USA: storage of user data in MongoDB Atlas.

Data processing agreements pursuant to Art. 28 GDPR are in place with these service providers. Data transfers to the USA are based on the EU Standard Contractual Clauses pursuant to Art. 46 GDPR. Further transfers only take place if required by law or to enforce legal claims.

6. Storage and retention

  • Account data and catch records are stored as long as the user account exists.
  • Location data is used only temporarily for weather queries and not stored permanently.
  • Offline data (cache) is deleted after successful synchronization or logout.
  • Statutory retention obligations remain unaffected.

7. Rights of data subjects

Users have the right to:

  • access stored personal data,
  • rectification of incorrect data,
  • erasure or restriction of processing,
  • data portability,
  • withdraw consent previously given,
  • lodge a complaint with a data protection authority.

Competent supervisory authority:
Independent Centre for Privacy Protection Schleswig-Holstein (ULD)
Holstenstraße 98, 24103 Kiel, Germany
https://www.datenschutzzentrum.de/

8. Data security

The operator takes appropriate technical and organizational measures (e.g. TLS encryption, access restrictions, password hashing) to protect personal data against loss, misuse, or unauthorized access.

9. Contact

For questions about data protection or to exercise your rights, please contact:
info@recaught.app

10. Changes to this privacy policy

This privacy policy may be updated as necessary. The current version is available in the app and on our website:
https://www.recaught.app/privacy